
Circumvent routing table while using AnyConnect client

gaboughanem
Level 1

Hello,

An entity "A" is accessing a server at another entity "B" using AnyConnect. Entity B is forcing full tunnel in the ASA group-policy, and this setting is causing issues for entity A, where entity A is losing AnyConnect to the terminal that is initiating the AnyConnect.

Entity B is not allowing any split tunnel (only full tunnel) for the local LAN or other networks on entity A's side to use.

 

How can I circumvent the routing table that the terminal is using to initiate the VPN tunnel (Windows 10)?

I tried to add a route on the Win10 to point to the gateway before initiating the tunnel (the network that is being routed is the one used to access the Win10 to initiate the VPN), but the access is lost once the VPN is up and full tunnel is initiated.

 

Any ideas how to circumvent the routing table while AnyConnect is up?

 

 

Regards, 

1 Reply

Marvin Rhoads
Hall of Fame

That should not be possible by design. The full tunnel policy and AnyConnect Secure Mobility Client are designed to restrict access to only the direct client being used for access and to require all traffic to be constrained by the remote end's security policy.

If you were able to circumvent it, the whole point of their security policy would be missed.